Will HTTPS + ASIHTTPRequest get approved by App Store?
I know ASIHTTPRequest works perfectly well with HTTPS. All we need is this one line of code:
[myASIHTTPRequest setValidatesSecureCertificate:NO]
Here's my question, I don't have any HTTPS certificates approved by any authority, including the US government. And I am not a US citizen, and my app isn't targeted at the US market. When I submit an app containing the above HTTPS code,
- Do I need to check the encry开发者_开发问答ption box when submitting?
- If I don't check that box, will the HTTPS code be detected? (Like an private API?)
- If I check that box, will I get rejected? (since I don't have any certificates approved by any authority)
- If I have to get a certificate approved by someone before my app get approved by the App Store, how long will this apply-and-get-approved process be, and what about the cost?
Thanks in advance!
Do I need to check the encryption box when submitting?
No. Your not encrypting any data on the device, it's only transport encryption provided by apple so don't have to tick the box.
If I don't check that box, will the HTTPS code be detected? (Like an private API?)
As above, it doesn't matter.
If I check that box, will I get rejected? (since I don't have any certificates approved by any authority)
If you tick the box you have to fill out a lot more information and your in for a long long wait just getting the legal stuff squared away before you even get to the app review..
If I have to get a certificate approved by someone before my app get approved by the App Store, how long will this apply-and-get-approved process be, and what about the cost?
You buy a certificate from any root certificate authority. Certificates expire, so you have to renew it when it runs out. The cost depends on who you buy the certificate from. I would recommend that you shop. You can also get wildcard certificates e.g. *.example.com that would allow you to setup any site ending in .example.com.
The accepted answer is simply wrong, and following its advice puts your app in danger of being removed from the App Store. You should look at the FAQ for Worldwide Trade Compliance on the iTunes Connect site. It clearly states that even if you use iOS-provided HTTPS, you still need to submit an ERN request to the US government. Also, it does not matter that you live outside the US, as your app is distributed by a company (Apple) in the US.
See this blog post for more details, especially the comments, as BIS has recently made it easier to apply.
精彩评论